Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ytkMx9t2JYLaZV9rakajp5zm_CU.roa
File: ytkMx9t2JYLaZV9rakajp5zm_CU.roa (raw, json)
Hash identifier: eLjKChbyzR4OaHcVyG70iwFA0i2pToe3EpKcWojOreA=
Subject key identifier: CA:D9:0C:C7:DB:76:25:82:DA:65:5F:6B:6A:46:A3:A7:9C:E6:FC:25
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37A1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ytkMx9t2JYLaZV9rakajp5zm_CU.roa
Signing time: Tue 02 Apr 2024 18:22:15 +0000
ROA not before: Tue 02 Apr 2024 18:22:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14241 (0x37a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 18:22:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CAD90CC7DB762582DA655F6B6A46A3A79CE6FC25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:19:66:08:4f:7d:97:0d:29:0d:0f:64:1b:a5:
7d:70:43:6c:2f:a0:dd:92:0a:97:3b:4e:9a:5f:d9:
d8:15:09:af:ba:b6:e7:a8:06:d7:7c:80:19:7f:6f:
97:e7:4a:3e:5d:3b:96:55:5f:91:9b:05:6a:50:92:
a9:d3:b8:04:23:33:03:40:0f:24:69:4c:5e:04:67:
5d:b6:07:75:6f:66:b9:e6:18:0d:90:6b:af:eb:c0:
2c:c7:f0:f4:fd:83:11:43:64:90:1e:dc:74:82:2f:
9f:24:9d:ca:41:95:1f:19:01:bd:71:7a:cb:de:37:
be:54:b1:36:17:ce:00:94:19:0b:41:69:38:64:19:
87:11:8e:fb:31:bd:17:28:f9:88:6e:66:1c:19:11:
03:ae:c8:4e:8c:e8:65:0b:47:39:ab:8e:57:ea:6d:
f2:4b:fa:ca:23:74:ef:22:84:98:28:72:c1:66:3d:
0a:36:f6:7b:db:11:73:76:41:6f:f5:10:87:9a:56:
79:f4:f5:59:8d:41:bb:0e:b6:fc:cf:8d:0f:99:ce:
0c:73:97:2e:79:d8:82:24:a2:be:5f:40:f0:42:c6:
85:3c:60:a1:88:8f:99:f4:93:8a:ec:1d:e0:6b:53:
61:ea:d0:21:39:f3:e0:5a:1e:78:0d:0b:2f:05:1d:
d2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D9:0C:C7:DB:76:25:82:DA:65:5F:6B:6A:46:A3:A7:9C:E6:FC:25
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ytkMx9t2JYLaZV9rakajp5zm_CU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
0d:4d:cc:23:46:0f:db:63:81:9f:d3:4e:ac:99:9a:4d:a9:0e:
b4:e7:10:55:00:49:bf:4e:d4:66:7b:31:6a:70:75:ba:9e:1f:
f8:0d:81:49:9c:0f:5e:b2:73:f2:80:58:97:87:e3:f4:48:84:
a7:7c:d3:4e:63:61:7b:39:33:17:31:bd:2c:aa:a3:ea:d5:89:
c1:7a:c1:09:57:30:8b:e1:fe:b1:ef:bf:25:b6:c5:72:d6:09:
56:15:ae:16:3f:dc:ef:4a:14:eb:5f:2a:bf:9f:c3:58:15:87:
a6:9e:eb:af:a5:2a:2b:26:48:31:9e:3f:a3:cd:cd:38:34:b3:
c7:3a:e5:93:45:91:33:b7:cb:01:05:94:2e:42:ad:6c:57:e1:
75:a2:7b:bd:ac:e7:37:a7:c0:85:ef:e5:2c:0b:1b:f4:28:ea:
26:9d:53:2b:a9:91:f9:4c:4d:9e:d0:1f:43:98:19:70:91:15:
93:30:1a:71:e4:86:76:a5:cd:ef:37:b9:1b:00:67:7b:93:01:
51:7d:41:d6:cc:57:f3:50:d8:1b:77:e5:10:50:02:2c:49:f3:
68:30:21:22:47:d8:9c:56:66:b4:a7:c4:8e:ea:4b:6a:bd:5d:
58:14:b2:4d:d3:4f:3b:81:a3:e4:df:6d:76:be:f7:1a:d5:c7:
0e:5f:70:7b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICN6EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIx
ODIyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBRDkwQ0M3REI3NjI1
ODJEQTY1NUY2QjZBNDZBM0E3OUNFNkZDMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTGWYIT32XDSkND2QbpX1wQ2wvoN2SCpc7Tppf2dgVCa+6tueo
Btd8gBl/b5fnSj5dO5ZVX5GbBWpQkqnTuAQjMwNADyRpTF4EZ122B3VvZrnmGA2Q
a6/rwCzH8PT9gxFDZJAe3HSCL58kncpBlR8ZAb1xesveN75UsTYXzgCUGQtBaThk
GYcRjvsxvRco+YhuZhwZEQOuyE6M6GULRzmrjlfqbfJL+sojdO8ihJgocsFmPQo2
9nvbEXN2QW/1EIeaVnn09VmNQbsOtvzPjQ+Zzgxzly552IIkor5fQPBCxoU8YKGI
j5n0k4rsHeBrU2Hq0CE58+BaHngNCy8FHdIjAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUytkMx9t2JYLaZV9rakajp5zm/CUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3l0a014OXQySllMYVpW
OXJha2FqcDV6bV9DVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAA1NzCNGD9tjgZ/T
TqyZmk2pDrTnEFUASb9O1GZ7MWpwdbqeH/gNgUmcD16yc/KAWJeH4/RIhKd8005j
YXs5MxcxvSyqo+rVicF6wQlXMIvh/rHvvyW2xXLWCVYVrhY/3O9KFOtfKr+fw1gV
h6ae66+lKismSDGeP6PNzTg0s8c65ZNFkTO3ywEFlC5CrWxX4XWie72s5zenwIXv
5SwLG/Qo6iadUyupkflMTZ7QH0OYGXCRFZMwGnHkhnalze83uRsAZ3uTAVF9QdbM
V/NQ2Bt35RBQAixJ82gwISJH2JxWZrSnxI7qS2q9XVgUsk3TTzuBo+TfbXa+9xrV
xw5fcHs=
-----END CERTIFICATE-----
Generated at Wed Apr 3 01:44:26 2024 by rpki-client on console.sobornost.net